Sanitizing the path to which we save server configurations, and also demo files

Rudi 2014-12-21 00:13:13 +01:00 committed by oy
parent d38af947a1
commit b3321e506c
4 changed files with 41 additions and 3 deletions


@ -1610,6 +1610,22 @@ void str_sanitize_cc(char *str_in)
}
}
void str_sanitize_pathname(char* str_in)
{
str_sanitize_pathname_from_character(str_in, 0);
}
void str_sanitize_pathname_from_character(char* str_in, unsigned int fromCharN)
{
unsigned char *str = ((unsigned char *) str_in) + fromCharN;
while(*str)
{
if (*str == '\\' || *str == '/' || *str == '~')
*str = '-';
str++;
}
}
/* makes sure that the string only contains the characters between 32 and 255 + \r\n\t */
void str_sanitize(char *str_in)
{
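Review bot: `str_sanitize_pathname_from_character` adds `fromCharN` to `str_in` without checking that the string is at least that long, so an offset past the terminator makes the `while(*str)` loop read and possibly rewrite bytes beyond the string. Walking to the offset while watching for the terminator avoids this: `unsigned char *str = (unsigned char *)str_in;` followed by `for(; fromCharN && *str; fromCharN--) str++;`. Separately, the filter is a three-character denylist (`\`, `/`, `~`), so `:` and control characters pass through. If the server is also built for Windows, `:` in a file name can select a drive or an alternate data stream, and an allowlist of permitted file-name characters would be the more robust choice.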


@ -813,6 +813,25 @@ void str_sanitize_cc(char *str);
*/
void str_sanitize(char *str);
/*
Function: str_sanitize_pathname_from_character
Replaces all characters '/' '\' and '~' which can lead path
hijacking, with '-', starting from character at position str_in fromCharN
Parameters:
str - String to sanitize.
fromCharN - Positive integer of the first character to check (form 0)
Remarks:
- The strings are treated as zero-terminated strings.
*/
void str_sanitize_pathname_from_character(char* str_in, unsigned int fromCharN);
/*
Same as the function above but starting from first character
*/
void str_sanitize_pathname(char* str_in);
/*
Function: str_clean_whitespaces
Removes leading and trailing spaces and limits the use of multiple spaces.
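Review bot: The doc comment for `str_sanitize_pathname_from_character` does not state what a caller may pass as `fromCharN`, and the definition added in this commit does not check it against the string length, so the precondition belongs in the Remarks: `- fromCharN must not be greater than the length of the string.` The Parameters list names `str` while the declaration uses `str_in`, and "(form 0)" should read "(from 0)". The comment on `str_sanitize_pathname` would also be easier to find with its own `Function:` header instead of "Same as the function above". The hunk's trailing context ends inside the next comment block.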


@ -1487,6 +1487,7 @@ void CServer::ConRecord(IConsole::IResult *pResult, void *pUser)
str_timestamp(aDate, sizeof(aDate));
str_format(aFilename, sizeof(aFilename), "demos/demo_%s.demo", aDate);
}
str_sanitize_pathname_from_character(aFilename, 6);
pServer->m_DemoRecorder.Start(pServer->Storage(), pServer->Console(), aFilename, pServer->GameServer()->NetVersion(), pServer->m_aCurrentMap, pServer->m_CurrentMapCrc, "server");
}
@ -1507,14 +1508,15 @@ void CServer::ConSaveConfig(IConsole::IResult *pResult, void *pUser)
char aFilename[128];
if(pResult->NumArguments())
str_format(aFilename, sizeof(aFilename), "%s.cfg", pResult->GetString(0));
str_format(aFilename, sizeof(aFilename), "serverconf/%s.cfg", (pResult->GetString(0)));
else
{
char aDate[20];
str_timestamp(aDate, sizeof(aDate));
str_format(aFilename, sizeof(aFilename), "server_config_%s.cfg", aDate);
str_format(aFilename, sizeof(aFilename), "serverconf/server_config_%s.cfg", aDate);
}
str_sanitize_pathname_from_character(aFilename, 11);
char aBuf[256];
if (currentConfig->SaveServerConfigs(aFilename) == 0)
{
@ -1622,7 +1624,7 @@ void CServer::RegisterCommands()
Console()->Register("reload", "", CFGFLAG_SERVER, ConMapReload, this, "Reload the map");
Console()->Register("save_conf", "?s", CFGFLAG_SERVER, ConSaveConfig, this, "Save current configuration to file");
Console()->Register("saveserverconf", "?s", CFGFLAG_SERVER, ConSaveConfig, this, "Save current configuration to file");
Console()->Chain("sv_name", ConchainSpecialInfoupdate, this);
Console()->Chain("password", ConchainSpecialInfoupdate, this);
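Review bot: The offsets `6` and `11` passed to `str_sanitize_pathname_from_character` in `ConRecord` and `ConSaveConfig` are hand-counted lengths of the `"demos/"` and `"serverconf/"` prefixes. If either format string changes, the call will silently skip the start of the operator-supplied name or rewrite the directory separator of the prefix itself. Deriving the offset from the literal removes that coupling, e.g. `str_sanitize_pathname_from_character(aFilename, sizeof("serverconf/") - 1);`, as does sanitizing the argument before it is formatted into `aFilename`. Both functions begin outside their hunks, so the argument branch of `ConRecord` is not visible here; it presumably uses the same `demos/` prefix, which is worth confirming.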


@ -68,6 +68,7 @@ public:
fs_makedir(GetPath(TYPE_SAVE, "dumps", aPath, sizeof(aPath)));
fs_makedir(GetPath(TYPE_SAVE, "demos", aPath, sizeof(aPath)));
fs_makedir(GetPath(TYPE_SAVE, "demos/auto", aPath, sizeof(aPath)));
fs_makedir(GetPath(TYPE_SAVE, "serverconf", aPath, sizeof(aPath)));
}
else
{